Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Eq37uxCzn4twO6rwO9Tk1H3Y_ew.roa
File: Eq37uxCzn4twO6rwO9Tk1H3Y_ew.roa (raw, json)
Hash identifier: G3Dw/0+h5QLrBlVTcq/YkEmkVpxW9FfoKT44sVTe6gk=
Subject key identifier: 12:AD:FB:BB:10:B3:9F:8B:70:3B:AA:F0:3B:D4:E4:D4:7D:D8:FD:EC
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019C9B31F00EF31462ABAE1B9C65FD7383DA
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Eq37uxCzn4twO6rwO9Tk1H3Y_ew.roa
Signing time: Thu 26 Feb 2026 18:24:27 +0000
ROA not before: Thu 26 Feb 2026 18:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 89.33.12.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.1.0/24 maxlen: 24
93.114.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9b:31:f0:0e:f3:14:62:ab:ae:1b:9c:65:fd:73:83:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 26 18:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=12adfbbb10b39f8b703baaf03bd4e4d47dd8fdec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:2f:1d:82:64:39:27:8c:23:a8:73:db:9f:
af:dc:a4:d2:23:2d:e9:e9:c7:a2:f7:e0:27:0a:eb:
45:27:83:9e:4f:99:93:b5:95:ef:37:cc:ad:9b:b6:
1e:c5:3c:2d:0e:73:19:b1:b7:de:2d:c0:a8:2f:32:
a6:d0:4d:5d:7a:06:31:8e:cd:26:55:02:60:ed:ca:
c2:04:e8:86:5b:66:8b:14:02:a2:06:27:fe:37:7d:
08:9f:4f:86:2e:2e:ca:a4:07:bf:2a:a0:ba:15:08:
f7:d1:80:6e:b1:2f:cb:b2:68:92:a4:26:50:dc:dd:
3c:40:d7:04:cd:c7:d4:2a:72:13:b5:70:34:b3:a3:
56:22:18:b9:b3:39:e6:5c:33:e8:b1:a3:a4:c1:12:
9a:bd:a7:68:bd:6f:96:50:40:fe:31:40:4d:d0:c0:
cf:0c:a2:b3:b9:f4:e5:d2:d9:d5:12:b4:0b:fc:63:
ce:2d:da:6d:2c:22:3c:5d:5a:a5:a1:1e:e4:21:f0:
21:a7:08:88:a3:f2:26:b8:91:9a:2b:95:a8:64:2e:
05:9a:3b:bc:d9:bf:52:6b:cf:f2:c7:00:ef:1c:2d:
67:c4:d2:07:2b:15:9a:d1:98:e6:c2:4c:9d:74:33:
33:dd:9d:d9:eb:be:82:e7:ba:9f:a4:05:2b:60:22:
e5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AD:FB:BB:10:B3:9F:8B:70:3B:AA:F0:3B:D4:E4:D4:7D:D8:FD:EC
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Eq37uxCzn4twO6rwO9Tk1H3Y_ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.12.0/24
89.42.82.0/23
89.46.1.0/24
93.114.72.0/24
Signature Algorithm: sha256WithRSAEncryption
05:82:6e:20:d1:7c:fa:89:53:33:6f:f2:1b:ba:59:22:15:eb:
44:2f:c3:80:40:b3:7d:6a:10:63:ee:6f:fe:60:e5:16:7f:52:
c9:a7:3e:59:bc:7d:5d:5e:df:0b:ff:23:eb:8f:73:70:97:35:
fb:69:17:9f:92:23:ce:f1:16:5e:d1:7f:c1:5e:2e:63:80:70:
2c:ff:76:18:74:15:5b:9b:28:9b:fc:f8:27:44:33:be:1d:75:
dd:b8:48:bc:fd:e0:58:5c:3a:19:1e:35:59:78:92:bd:14:4e:
57:74:61:42:23:18:83:29:8f:97:73:de:da:c5:0f:91:f9:ac:
9f:6b:3c:b4:bf:03:b8:01:1f:e3:94:8a:26:44:47:64:2e:11:
a0:5c:bb:75:c9:d2:c2:06:82:a0:48:5f:b6:b9:22:85:a6:7d:
7f:c1:88:40:c7:07:6c:25:15:41:23:9b:54:18:34:1e:18:2e:
c2:a0:21:4f:29:be:b4:a4:b2:13:50:4d:55:d2:ab:4e:a4:95:
9d:d0:59:9d:0e:fb:36:9c:99:07:1f:07:f1:7f:fa:c3:6d:2d:
ed:70:ec:c4:eb:19:d6:44:24:79:17:50:9c:10:43:f5:82:7a:
5f:cd:9b:c9:2c:db:5c:2e:69:98:11:1c:35:53:a2:b2:ea:37:
fc:24:17:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZybMfAO8xRiq64bnGX9c4PaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMjI2MTgyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmFkZmJiYjEwYjM5ZjhiNzAzYmFhZjAzYmQ0ZTRkNDdkZDhmZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrsvHYJkOSeMI6hz25+v3KTSIy3p
6cei9+AnCutFJ4OeT5mTtZXvN8ytm7YexTwtDnMZsbfeLcCoLzKm0E1degYxjs0m
VQJg7crCBOiGW2aLFAKiBif+N30In0+GLi7KpAe/KqC6FQj30YBusS/LsmiSpCZQ
3N08QNcEzcfUKnITtXA0s6NWIhi5sznmXDPosaOkwRKavadovW+WUED+MUBN0MDP
DKKzufTl0tnVErQL/GPOLdptLCI8XVqloR7kIfAhpwiIo/ImuJGaK5WoZC4Fmju8
2b9Sa8/yxwDvHC1nxNIHKxWa0ZjmwkyddDMz3Z3Z676C57qfpAUrYCLlPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBKt+7sQs5+LcDuq8DvU5NR92P3sMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRXEzN3V4Q3puNHR3TzZyd085VGsxSDNZX2V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSEMAwQB
WSpSAwQAWS4BAwQAXXJIMA0GCSqGSIb3DQEBCwUAA4IBAQAFgm4g0Xz6iVMzb/Ib
ulkiFetEL8OAQLN9ahBj7m/+YOUWf1LJpz5ZvH1dXt8L/yPrj3NwlzX7aRefkiPO
8RZe0X/BXi5jgHAs/3YYdBVbmyib/PgnRDO+HXXduEi8/eBYXDoZHjVZeJK9FE5X
dGFCIxiDKY+Xc97axQ+R+ayfazy0vwO4AR/jlIomREdkLhGgXLt1ydLCBoKgSF+2
uSKFpn1/wYhAxwdsJRVBI5tUGDQeGC7CoCFPKb60pLITUE1V0qtOpJWd0FmdDvs2
nJkHHwfxf/rDbS3tcOzE6xnWRCR5F1CcEEP1gnpfzZvJLNtcLmmYERw1U6Ky6jf8
JBcq
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:07:07 2026 by rpki-client